Please ask questions ONLY in this topic.

A little girl made a website to post poetry related to peace and understanding. American fascists have hacked this website replacing it with Hitler-esque propaganda. Can you repair the website?

Re: Need help again :D

Post by Crystal_Bearer on Sat Apr 26, 2008 5:06 pm
([msg=1441]see Re: Need help again :D[/msg])

In other words... you're trying to overwrite index.html. How would you go about writing / 'submitting' anything?
Crystal_Bearer
Experienced User
Experienced User
 
Posts: 51
Joined: Tue Apr 15, 2008 1:48 am
Blog: View Blog (0)


Re: stumped

Post by h0und on Tue Apr 29, 2008 10:45 am
([msg=1717]see Re: stumped[/msg])

GTADarkDude wrote:Find a place where you can submit stuff. That place is exploitable.



Which kind of exploit do I have to use? I tried SQL with both OR and ||, *nix with &&, still getting it's been submitted and it's going to be posted.
h0und
New User
New User
 
Posts: 3
Joined: Tue Apr 29, 2008 9:33 am
Blog: View Blog (0)


Re: stumped

Post by purple_pixie on Tue Apr 29, 2008 10:55 am
([msg=1719]see Re: stumped[/msg])

Maybe you have to actually think about it ;-)

Explain how you think an && or || would help ... what would it *do*

Don't just try "exploits" until you find one that works, think about what you are trying to achieve.
In real terms.

Then how to achieve it.
purple_pixie
New User
New User
 
Posts: 22
Joined: Mon Apr 28, 2008 8:08 am
Blog: View Blog (0)


Re: stumped

Post by l3c0rbusi3r on Wed Apr 30, 2008 2:08 pm
([msg=1742]see Re: stumped[/msg])

i've tried SSI with ls command...nothing......just tells me that the poem's been saved. any help?
l3c0rbusi3r
New User
New User
 
Posts: 5
Joined: Sun Apr 27, 2008 4:16 am
Blog: View Blog (0)


Re: stumped

Post by stickperson12345 on Wed Apr 30, 2008 2:51 pm
([msg=1743]see Re: stumped[/msg])

l3c0rbusi3r wrote:i've tried SSI with ls command...nothing......just tells me that the poem's been saved. any help?

It tells you the poem has been saved right away, though probably somewhere else. Remembering basic 8 will help you here.
Then think... what file do you want to replace, where, and with what?

Hope I didn't give too much away. Good luck!
stickperson12345
New User
New User
 
Posts: 4
Joined: Sun Apr 27, 2008 2:41 am
Blog: View Blog (0)


Re: stumped

Post by TheMindRapist on Wed Apr 30, 2008 6:43 pm
([msg=1787]see Re: stumped[/msg])

c24lightning wrote:D*re***r* T****ve**a*

...
You shouldn't tell them lol.
Image
User avatar
TheMindRapist
Contributor
Contributor
 
Posts: 585
Joined: Mon Apr 14, 2008 4:57 pm
Blog: View Blog (0)


Re: stumped

Post by c24lightning on Thu May 01, 2008 7:43 pm
([msg=1877]see Re: stumped[/msg])

TheMindRapist wrote:
c24lightning wrote:D*re***r* T****ve**a*

...
You shouldn't tell them lol.

Asterisk invented to conceal certain characters. :o

Yeah, that'd be funny if they never found out.. :D Someone has to help.
Here's some sites you might be interested in:

Need a proxy? Here - user:pass combination is proxy:bypass
c24lightning
Poster
Poster
 
Posts: 203
Joined: Sat Apr 19, 2008 7:46 am
Location: The infinite insanity of thought
Blog: View Blog (0)


Re: Need help again :D

Post by c24lightning on Thu May 01, 2008 7:47 pm
([msg=1878]see Re: Need help again :D[/msg])

Scienceman123 wrote:Crud.
Highlight for text below.
I've tried using SHTML commands with UNIX ones inside, but nothing happens. I've tried "ls", "cd ..", etc. But nothing works.

What was the point of the color change?

Color change is for spoilers? Then why'd you say "highlight this."? You could have just put everything in the same color, and take away the "HIGHLIGHT THIS." :x
_______________________
Take advantage of "forms"..
Here's some sites you might be interested in:

Need a proxy? Here - user:pass combination is proxy:bypass
c24lightning
Poster
Poster
 
Posts: 203
Joined: Sat Apr 19, 2008 7:46 am
Location: The infinite insanity of thought
Blog: View Blog (0)


Re: stumped

Post by No_Effin_Way on Fri May 09, 2008 5:48 am
([msg=2153]see Re: stumped[/msg])

l3c0rbusi3r wrote:i've tried SSI with ls command...nothing......just tells me that the poem's been saved. any help?


c24lightning wrote:D*re***r* T****ve**a*


If you figure out what that says, google it.
No_Effin_Way
New User
New User
 
Posts: 3
Joined: Fri May 09, 2008 4:13 am
Blog: View Blog (0)


Re: stumped

Post by Jheshka on Thu May 15, 2008 8:07 pm
([msg=2535]see Re: stumped[/msg])

What you need to do is get the source code of the original website, and exploit a php code to replace a different file...

You should read up about directory transversal
Jheshka
New User
New User
 
Posts: 5
Joined: Thu May 15, 2008 7:58 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 3) Peace Poetry: HACKED

Who is online

Users browsing this forum: No registered users and 0 guests